As a Microsoft Cybersecurity Architect, you are tasked with designing a solution for a government organization that processes classified data and must comply with the National Industrial Security Program Operating Manual (NISPOM). The solution must enforce security controls in the Azure environment to ensure compliance. Given the constraints of cost, compliance, and scalability, which of the following approaches would BEST utilize Azure Policy to meet these requirements? (Choose one option.)

Simulated

Implement custom Azure Policy definitions to enforce data classification and labeling for classified data, ensuring sensitive data is identified and protected according to NISPOM requirements.

0.0%

Assign built-in Azure Policy initiatives to the organization's resource groups to enforce compliance with NISPOM security controls, including but not limited to access control and audit logging.

50.0%

Configure Azure Policy to mandate the use of Azure Key Vault for all cryptographic keys used in encrypting classified data, ensuring key management complies with NISPOM.

0.0%

Leverage Azure Policy in conjunction with Azure Security Center to continuously monitor and remediate security vulnerabilities associated with classified data processing.

50.0%

Microsoft Cybersecurity Architect Expert SC-100

Comments

Get started today